Researchers break into Windows encryption feature

With effort, hackers are able to break into an encryption feature available on newer versions of Windows.

security code

Researchers can break into BitLocker, the disk encryption feature available in Windows 7, Vista and Server 2008.

German experts from the Franhofer Institute for Secure Information Technology (SIT) revealed five attack strategies against BitLocker and the way its Trusted Platform Module (TPM) sealing mechanism works.

In certain circumstances, the researchers claim that dedicated hackers could "circumvent the protection and break confidentiality with limited effort".

"Our attacks neither exploit vulnerabilities in the encryption itself nor do they directly attack the TPM," the researchers claim in a report.

"They rather exploit sequences of actions that Trusted Computing fails to prevent, demonstrating limitations of the technology."

One attack took advantage of the boot process, where BitLocker needs to interact with the user to obtain a password or a key file from a USB memory stick, or both.

The program code interacting with the user is unencrypted, so an attacker with physical access is able to modify it.

The hacker could replace the original BitLocker boot code with a manipulated version, and spoof the user interaction with BitLocker.

The researchers made it clear that that they were using targeted attacks', where an attacker would devote considerable effort in trying to access data on a disk, for example in corporate espionage.

BitLocker is better designed to withstand real-world opportunistic attacks' for example, if a computer was stolen and somebody was trying to access the data to see what they could get.

Paul Cooke from Microsoft confirmed as much in a blog post. He said: "This research is similar to other published attacks where the owner leaves a computer unattended in a hotel room and anyone with access to the room could tamper with this computer.

"This sort of targeted attack poses a relatively low risk to folks who use BitLocker in the real world."

He added: "These sorts of targeted threats are not new and are something we've addressed in the past; in 2006 we discussed similar attacks, where we've been straightforward with customers and partners that BitLocker does not protect against these unlikely, targeted attacks."

Featured Resources

Key considerations for implementing secure telework at scale

Identifying the security risks and advanced requirements of a remote workforce

Download now

The State of Salesforce 2020

Your guide to getting the most from Salesforce

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Rethink your cybersecurity strategy for the new world

5 steps to secure the enterprise and be fit for a flexible future

Download now

Recommended

Andrew Daniels joins Druva as CIO and CISO
Cloud

Andrew Daniels joins Druva as CIO and CISO

22 Jul 2020
Virtualise Windows 7 under Windows 10
Microsoft Windows

Virtualise Windows 7 under Windows 10

5 Jul 2020
University of California gets fleeced by hackers for $1.14 million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
Australia announces $1.35 billion investment in cyber security
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

3 Aug 2020
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

4 Aug 2020
Police use of facial recognition ruled unlawful in the UK
privacy

Police use of facial recognition ruled unlawful in the UK

11 Aug 2020